#[derive(FromForm)]
struct PersonInfo {
    account: String,
    email: String,
    tel: String,
    alipay_account: String,
    alipay_name: String,
    qq_number: String,
    old_password: String,
    new_password: String
}

#[post("/library/edit_person_info", data = "<form>")]
fn edit_person_info1(form: Form<PersonInfo>, cookies: Cookies, state: State<MySqlDriver>) -> String {
    let user_info: UserInfo = get_cookies(&cookies);
    if user_info.id == 0 {
        return "fail:您未登录，请先登录".to_string();
    }

    let mut except_vec: Vec<char> = Vec::new();
    except_vec.push('\'');
    except_vec.push('"');
    except_vec.push('\\');
    let account_hostr: HoString = HoString::copy_string(form.account.clone());
    let email_hostr: HoString = HoString::copy_string(form.email.clone());
    let tel_hostr: HoString = HoString::copy_string(form.tel.clone());
    let alipay_account_hostr: HoString = HoString::copy_string(form.alipay_account.clone());
    let alipay_name_hostr: HoString = HoString::copy_string(form.alipay_name.clone());
    let qq_number_hostr: HoString = HoString::copy_string(form.qq_number.clone());
    let old_password_hostr: HoString = HoString::copy_string(form.old_password.clone());
    let new_password_hostr: HoString = HoString::copy_string(form.new_password.clone());
    if account_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        email_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        tel_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        alipay_account_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        alipay_name_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        qq_number_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        old_password_hostr.contains_char_vec(except_vec.clone(), 0) == true ||
        new_password_hostr.contains_char_vec(except_vec.clone(), 0) == true {
        return "fail:表单值不能包含引号和斜杠".to_string();
    }

    let pool_result: Result<Pool, mysql::Error> = Pool::new(state.driver.as_str());
    let pool: Pool;
    if let Ok(p) = pool_result {
        pool = p;
    } else {
        return "fail:无法建立数据库连接".to_string();
    }
    let conn_result: Result<PooledConn, mysql::Error> = pool.get_conn();
    let mut conn: PooledConn;
    if let Ok(c) = conn_result {
        conn = c;
    } else {
        return "fail:无法获取数据库连接".to_string();
    }

    let mut sql: String = format!("SELECT COUNT(`id`) AS `count` FROM `user` WHERE `account` = '{}'", form.account.as_str());
    let row: Row = conn.query_first(sql.clone()).unwrap().unwrap();
    let count: usize = from_row(row);
    if count == 0 {
        return "fail:账号不存在".to_string();
    }
    sql = format!("SELECT `password` FROM `user` WHERE `id` = {} LIMIT 1", user_info.id);
    let pwd_row: Row = conn.query_first(sql.clone()).unwrap().unwrap();
    let pwd: String = from_row(pwd_row);
    let mut sql: String = format!("UPDATE `user` SET `account` = '{}', `email` = '{}', `tel` = '{}', `alipay_account` = '{}', `alipay_name` = '{}', `qq_number` = '{}'", form.account.as_str(), form.email.as_str(), form.tel.as_str(), form.alipay_account.as_str(), form.alipay_name.as_str(), form.qq_number.as_str());
    let mut new_pwd: String = String::new();
    if old_password_hostr.length() > 0 {
        let verify_result: BcryptResult<bool> = verify(form.old_password.clone(), pwd.as_str());
        if let Ok(v) = verify_result {
            if v {
                let pwd_result: BcryptResult<String> = hash(pwd.as_str(), DEFAULT_COST);
                if let Err(_) = pwd_result {
                    return "fail:无法加密密码".to_string();
                }
                new_pwd.push_str(pwd_result.unwrap().as_str());
            } else {
                return "fail:旧密码错误".to_string();
            }
        } else {
            return "fail:验证失败".to_string();
        }
        sql.push_str(format!(", `password` = '{}'", new_pwd.as_str()).as_str());
    }
    let _ = conn.exec_drop(sql.clone(), ());
    return "success:".to_string();
}

#[get("/edit_person_info")]
fn edit_person_info(cookies: Cookies, state: State<MySqlDriver>) -> Response<'static> {
    let mut res = Response::new();
    res.set_header(ContentType::HTML);
    let user_info: UserInfo = get_cookies(&cookies);
    if user_info.id == 0 {
        res.set_sized_body(Cursor::new(format!("您未登录，请先<a href=\"{}login\">登录</a>", state.base_url.as_str())));
        return res;
    }

    // mod_id: String, 
    // mod_menu_open: String, 
    // sub_mod_id: String, 
    // page_title: String, 
    // title: String
    let header: String = get_header(
        "info-mod".to_string(), 
        "info-mod-menu-open".to_string(), 
        String::new(),
        "用户后台 - 个人信息编辑".to_string(), 
        "个人信息编辑".to_string(), &cookies,
        &state);

    let pool_result: Result<Pool, mysql::Error> = Pool::new(state.driver.as_str());
    let pool: Pool;
    if let Ok(p) = pool_result {
        pool = p;
    } else {
        res.set_sized_body(Cursor::new("无法建立数据库连接".to_string()));
        return res;
    }
    let conn_result: Result<PooledConn, mysql::Error> = pool.get_conn();
    let mut conn: PooledConn;
    if let Ok(c) = conn_result {
        conn = c;
    } else {
        res.set_sized_body(Cursor::new("无法获取数据库连接".to_string()));
        return res;
    }
    let sql: String = format!("SELECT `account`, `email`, `tel`, `alipay_account`, `alipay_name`, `qq_number`, `commission` FROM `user` WHERE `id` = {} LIMIT 1", user_info.id);
    let row: Row = conn.query_first(sql.clone()).unwrap().unwrap();
    let (account, email, tel, alipay_account, alipay_name, qq_number, commission): (String, String, String, String, String, String, usize) = from_row(row);

    let mut src_vec: Vec<&[u8]> = Vec::new();
    let mut replace_vec: Vec<&[u8]> = Vec::new();

    let commission_str: String = commission.to_string();
    let footer_string: String = get_footer();
    src_vec.push("{header}".as_bytes());
    src_vec.push("{base_url}".as_bytes());
    src_vec.push("{account}".as_bytes());
    src_vec.push("{email}".as_bytes());
    src_vec.push("{tel}".as_bytes());
    src_vec.push("{alipay_account}".as_bytes());
    src_vec.push("{alipay_name}".as_bytes());
    src_vec.push("{qq_number}".as_bytes());
    src_vec.push("{commission}".as_bytes());
    src_vec.push("{footer}".as_bytes());
    replace_vec.push(header.as_bytes());
    replace_vec.push(state.base_url.as_bytes());
    replace_vec.push(account.as_bytes());
    replace_vec.push(email.as_bytes());
    replace_vec.push(tel.as_bytes());
    replace_vec.push(alipay_account.as_bytes());
    replace_vec.push(alipay_name.as_bytes());
    replace_vec.push(qq_number.as_bytes());
    replace_vec.push(commission_str.as_bytes());
    replace_vec.push(footer_string.as_bytes());

    let mut page_str: HoString = HoFile::read_file_bytes("web/edit_person_info.html");
    page_str = page_str.replace_bytes_vec(src_vec, replace_vec);
    let html: String = page_str.to_str().to_string().to_owned();
    res.set_sized_body(Cursor::new(html));
    return res;
}

